Fortinet black logo

GCP Administration Guide

Home FortiGate Public Cloud 6.4.0 GCP Administration Guide

Deploying the secondary FortiGate-VM instance

6.4.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.0
Copy Link
Copy Doc ID 62d32ecf-687f-11ea-9384-00505692583a:340635
Download PDF

Deploying the secondary FortiGate-VM instance

  1. Go to Compute Engine > VM Instances. Click CREATE INSTANCE.
  2. Configure the instance settings:
    1. In the Name field, enter the desired name.
    2. From the Region dropdown list, select the region where you created your VPC networks in Creating VPC networks.
    3. From the Zone dropdown list, select a zone within the chosen region. You must deploy both FortiGates in the same region and zone.
    4. From the Machine type dropdown list, select the number of vCPUs for this instance. This should match the FortiGate license and be a minimum of four vcPUs so that the instance supports four vNICs.
    5. Under Boot disk, click Change.
    6. On the Custom images tab, select the newly created image. Click Select.
    7. Click to expand Management, security, disks, networking, sole tenancy, then click Networking.
    8. Configure the unprotected network:
      1. Click the edit icon for the interface already created for the instance.
      2. From the Network dropdown list, select the unprotected network. Your subnet is automatically populated.
      3. From the External IP dropdown list, select Ephemeral. This IP address will be removed later, but is necessary to log into the FortiGate and upload the license prior to HA configuration.
      4. From the IP Forwarding dropdown list, select On.
      5. Click Done.
    9. Configure the protected network:
      1. Click Add network interface.
      2. From the Network dropdown list, select the protected network.
      3. From the External IP dropdown list, select None.
      4. Click Done.
    10. Configure the HA network:
      1. Click Add network interface.
      2. From the Network dropdown list, select the HA network.
      3. From the External IP dropdown list, select None.
      4. Click Done.
    11. Configure the management network:
      1. Click Add network interface.
      2. From the Network dropdown list, select the management network.
      3. From the External IP dropdown list, select Ephemeral.
      4. Click Done.
    caution icon

    You cannot add interfaces to an instance after creating it. If you create the instance with an improper interface configuration, you must destroy the instance and recreate it with the proper interface configuration.
  3. After configuring all elements, click Create.
Previous
Next

Deploying the secondary FortiGate-VM instance

  1. Go to Compute Engine > VM Instances. Click CREATE INSTANCE.
  2. Configure the instance settings:
    1. In the Name field, enter the desired name.
    2. From the Region dropdown list, select the region where you created your VPC networks in Creating VPC networks.
    3. From the Zone dropdown list, select a zone within the chosen region. You must deploy both FortiGates in the same region and zone.
    4. From the Machine type dropdown list, select the number of vCPUs for this instance. This should match the FortiGate license and be a minimum of four vcPUs so that the instance supports four vNICs.
    5. Under Boot disk, click Change.
    6. On the Custom images tab, select the newly created image. Click Select.
    7. Click to expand Management, security, disks, networking, sole tenancy, then click Networking.
    8. Configure the unprotected network:
      1. Click the edit icon for the interface already created for the instance.
      2. From the Network dropdown list, select the unprotected network. Your subnet is automatically populated.
      3. From the External IP dropdown list, select Ephemeral. This IP address will be removed later, but is necessary to log into the FortiGate and upload the license prior to HA configuration.
      4. From the IP Forwarding dropdown list, select On.
      5. Click Done.
    9. Configure the protected network:
      1. Click Add network interface.
      2. From the Network dropdown list, select the protected network.
      3. From the External IP dropdown list, select None.
      4. Click Done.
    10. Configure the HA network:
      1. Click Add network interface.
      2. From the Network dropdown list, select the HA network.
      3. From the External IP dropdown list, select None.
      4. Click Done.
    11. Configure the management network:
      1. Click Add network interface.
      2. From the Network dropdown list, select the management network.
      3. From the External IP dropdown list, select Ephemeral.
      4. Click Done.
    caution icon

    You cannot add interfaces to an instance after creating it. If you create the instance with an improper interface configuration, you must destroy the instance and recreate it with the proper interface configuration.
  3. After configuring all elements, click Create.
Previous
Next